Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

OCSP_STATUS_UNAUTHORIZED

Avatar

Level 4

Hi All,

I am using pdf signature verification process for validating the signature in PDF.

The output for signature verification is giving signer status - unknown

Please find PDF verification Result which will illustrate the issue for you.

<com.adobe.livecycle.signatures.client.types.PDFSignatureVerificationResult>
  <signerName>Abhishek Bhandari</signerName>
  <signatureStatus>VALIDANDUNMODIFIED</signatureStatus>
  <signerStatus>UNKNOWN</signerStatus>
  <certPaths>
    <com.adobe.livecycle.signatures.client.types.SignerCertificatePath>
      <certificateDER>
        <byte-array>MIIEZzCCA0+gAwIBAgIQCuAoSgAAASisyEfvAAA4uTANBgkqhkiG9w0BAQUFADBIMRIwEAYDVQQdDH9dRA</byte-array>
        <byte-array>ChIhW6rg==</byte-array>
      </certificateDER>
      <status reference="../../../signerStatus"/>
      <failureReason>NO_FAILURE</failureReason>
      <certificateInformation>
        <com.adobe.livecycle.signatures.client.types.CertificateInformation>
          <certificate reference="../../../certificateDER/byte-array"/>
          <isTrusted>false</isTrusted>
          <revocationInformation>
            <status>Trouble</status>
            <statusMessage>ALC-DSS-111-008: OCSP response parsing error: PKI Generic Exception:  could not decode ocsp response (in the operation : decode)
Caused By: OCSP_STATUS_UNAUTHORIZED(OCSPResponse.java446)</statusMessage>
          </revocationInformation>
        </com.adobe.livecycle.signatures.client.types.CertificateInformation>
        <com.adobe.livecycle.signatures.client.types.CertificateInformation>
          <certificate reference="../../../certificateDER/byte-array[2]"/>
          <isTrusted>false</isTrusted>
          <revocationInformation>
            <status>Trouble</status>
            <statusMessage>ALC-DSS-111-008: OCSP response parsing error: PKI Generic Exception:  could not decode ocsp response (in the operation : decode)
Caused By: OCSP_STATUS_UNAUTHORIZED(OCSPResponse.java446)
</statusMessage>
          </revocationInformation>
        </com.adobe.livecycle.signatures.client.types.CertificateInformation>
        <com.adobe.livecycle.signatures.client.types.CertificateInformation>
          <certificate reference="../../../certificateDER/byte-array[3]"/>
          <isTrusted>true</isTrusted>
        </com.adobe.livecycle.signatures.client.types.CertificateInformation>
      </certificateInformation>
    </com.adobe.livecycle.signatures.client.types.SignerCertificatePath>
  </certPaths>
  <revision>1</revision>
  <numRevisions>1</numRevisions>
  <permissions>ALL</permissions>
  <policyQualifierList/>
  <dateSigned>2010-05-25 09:55:40.0 EDT</dateSigned>
  <isSigningDateTimestamped>false</isSigningDateTimestamped>
  <tsaStatus reference="../signerStatus"/>
</com.adobe.livecycle.signatures.client.types.PDFSignatureVerificationResult>

Please friends do reply for this issue.

0 Replies

Avatar

Level 9

Can you post the signed PDF that you are using for testing purposes?

Thanks

Steve

Avatar

Level 2

This can happen if the OCSP server requires the OCSP request to be signed. If this is the case, you can set the request signer's credential in the Signature Service AAC.

Avatar

Level 4

Actually certificate validity has expired.

Thanks to all of you to support me to resolve this issue out.